admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-06-11 20:00:51 +00:00
parent 06683a68de
commit 5b364800e2
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
10 changed files with 236 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
1999/0xxx/CVE-1999-0095.json
View File

@ -71,6 +71,11 @@
"refsource": "MLIST",
"name": "[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
"url": "http://www.openwall.com/lists/oss-security/2019/06/06/1"
},
{
"refsource": "FULLDISC",
"name": "20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)",
"url": "http://seclists.org/fulldisclosure/2019/Jun/16"
}
]
}

5
1999/0xxx/CVE-1999-0145.json
View File

@ -81,6 +81,11 @@
"refsource": "MLIST",
"name": "[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
"url": "http://www.openwall.com/lists/oss-security/2019/06/06/1"
},
{
"refsource": "FULLDISC",
"name": "20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)",
"url": "http://seclists.org/fulldisclosure/2019/Jun/16"
}
]
}

5
2017/5xxx/CVE-2017-5953.json
View File

@ -76,6 +76,11 @@
"name": "https://groups.google.com/forum/#!topic/vim_dev/t-3RSdEnrHY",
"refsource": "CONFIRM",
"url": "https://groups.google.com/forum/#!topic/vim_dev/t-3RSdEnrHY"
},
{
"refsource": "UBUNTU",
"name": "USN-4016-1",
"url": "https://usn.ubuntu.com/4016-1/"
}
]
}

5
2019/10xxx/CVE-2019-10149.json
View File

@ -108,6 +108,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html",
"url": "http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html"
},
{
"refsource": "FULLDISC",
"name": "20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)",
"url": "http://seclists.org/fulldisclosure/2019/Jun/16"
}
]
},

5
2019/12xxx/CVE-2019-12504.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/153185/Inateck-2.4-GHz-Wearable-Wireless-Presenter-WP2002-Keystroke-Injection.html",
"url": "http://packetstormsecurity.com/files/153185/Inateck-2.4-GHz-Wearable-Wireless-Presenter-WP2002-Keystroke-Injection.html"
},
{
"refsource": "FULLDISC",
"name": "20190611 [SYSS-2019-008]: Inateck 2.4 GHz Wearable Wireless Presenter WP2002 - Keystroke Injection Vulnerability",
"url": "http://seclists.org/fulldisclosure/2019/Jun/14"
}
]
}

5
2019/12xxx/CVE-2019-12506.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/153186/Logitech-R700-Laser-Presentation-Remote-Keystroke-Injection.html",
"url": "http://packetstormsecurity.com/files/153186/Logitech-R700-Laser-Presentation-Remote-Keystroke-Injection.html"
},
{
"refsource": "FULLDISC",
"name": "20190611 [SYSS-2019-015]: Logitech R700 Laser Presentation Remote - Keystroke Injection Vulnerability",
"url": "http://seclists.org/fulldisclosure/2019/Jun/15"
}
]
}

5
2019/12xxx/CVE-2019-12735.json
View File

@ -81,6 +81,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-d79f89346c",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2BMDSHTF754TITC6AQJPCS5IRIDMMIM7/"
},
{
"refsource": "UBUNTU",
"name": "USN-4016-1",
"url": "https://usn.ubuntu.com/4016-1/"
}
]
}

70
2019/3xxx/CVE-2019-3411.json
View File

@ -1,8 +1,32 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@zte.com.cn",
"ID": "CVE-2019-3411",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ZTE MF920",
"version": {
"version_data": [
{
"affected": "<=",
"version_value": "All versions up to BD_R218V2.4"
}
]
}
}
]
},
"vendor_name": "ZTE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +35,48 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by information leak vulnerability. Due to some interfaces can obtain the WebUI login password without login, an attacker can exploit the vulnerability to obtain sensitive information about the affected components."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010686",
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010686"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

70
2019/3xxx/CVE-2019-3412.json
View File

@ -1,8 +1,32 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@zte.com.cn",
"ID": "CVE-2019-3412",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ZTE MF920",
"version": {
"version_data": [
{
"affected": "<=",
"version_value": "All versions up to BD_R218V2.4"
}
]
}
}
]
},
"vendor_name": "ZTE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +35,48 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by command execution vulnerability. Due to some interfaces do not adequately verify parameters, an attacker can execute arbitrary commands through specific interfaces."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010686",
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010686"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}

70
2019/3xxx/CVE-2019-3413.json
View File

@ -1,8 +1,32 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "psirt@zte.com.cn",
"ID": "CVE-2019-3413",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NetNumen DAP",
"version": {
"version_data": [
{
"affected": "<=",
"version_value": "All versions up to NetNumen DAP V20.18.40.R7.B1"
}
]
}
}
]
},
"vendor_name": "ZTE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +35,48 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "All versions up to V20.18.40.R7.B1of ZTE NetNumen DAP product have an XSS vulnerability. Due to the lack of correct validation of client data in WEB applications, which results in users being hijacked."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "Medium",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010797",
"url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010797"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}